Design and evaluation of a resilient IBN architecture: Integrating post-quantum cryptography with adaptive threat detection using machine learning

As the domain of network security keeps on evolving rapidly, especially in sensitive areas such as healthcare systems, the demand for reliable device verification, controlling access, and spotting threats is growing sharply. This paper presents the design, implementation, and systematic evaluation of an improved Intent-Based Networking (IBN) system that integrates post-quantum cryptography, certificate-based identity management, and machine learning-based anomaly detection within a unified framework. The system incorporates SPHINCS+ post-quantum digital signatures for quantum-resilient authentication, X.509 certificate lifecycle management for establishing device trust, and hardware-aware cryptographic operations to maintain efficiency. It further enforces fine-grained access policies using Role-Based Access Control (RBAC) augmented with Multi-Factor Authentication (MFA), ensuring strong access governance across network segments. For early threat detection, machine learning models such as Isolation Forest and MiniBatch KMeans are employed to learn communication patterns and detect anomalous device behavior. Additionally, event logs are maintained using asynchronous, hash-chained logging mechanisms inspired by blockchain principles, ensuring auditability and data integrity. To address evaluation transparency and rigor, the framework is assessed using a controlled prototype testbed with explicitly defined traffic features and reproducible experimental settings. The evaluation considers cryptographic correctness, access control performance, anomaly detection capability, and scalability under increasing workloads. Experimental results demonstrate 100% success in post-quantum signature generation and verification, effective anomaly detection with no observed false negatives in the evaluated scenarios, and stable log-processing throughput as the number of events grows. Importantly, this work does not claim novelty in individual components, but contributes through the system-level integration and empirical evaluation of a quantum-safe, ML-assisted IBN security architecture. The findings highlight key trade-offs between security enforcement and usability, while also identifying limitations such as certificate expiry handling gaps, conservative policy behavior, and lack of large-scale statistical validation. These observations establish a reproducible baseline and motivate future work toward statistically rigorous validation, real-world deployment, and adaptive policy optimization.